From owner-freebsd-security Thu Nov 22 1:30:17 2001 Delivered-To: freebsd-security@freebsd.org Received: from freebie.atkielski.com (ASt-Lambert-101-2-1-14.abo.wanadoo.fr [193.251.59.14]) by hub.freebsd.org (Postfix) with ESMTP id E6FA537B405; Thu, 22 Nov 2001 01:30:08 -0800 (PST) Received: from contactdish (win.atkielski.com [10.0.0.10]) by freebie.atkielski.com (8.11.3/8.11.3) with SMTP id fAM9Tah79554; Thu, 22 Nov 2001 10:29:42 +0100 (CET) (envelope-from anthony@freebie.atkielski.com) Message-ID: <016001c17338$37d65240$0a00000a@atkielski.com> From: "Anthony Atkielski" To: "Peter Pentchev" Cc: "FreeBSD Questions" , References: <014201c17336$40653f90$0a00000a@atkielski.com> <20011122112415.B855@straylight.oblivion.bg> Subject: Re: setuid on nethack? Date: Thu, 22 Nov 2001 10:29:36 +0100 Organization: Anthony's Home Page (development site) MIME-Version: 1.0 Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org After seeing that the owner and group were games, I set the permissions back to 2511, which I assume is safe. Do I need to take special precautions if I play this game from root? Would 6511 be a better choice in that case? ----- Original Message ----- From: "Peter Pentchev" To: "Anthony Atkielski" Cc: "FreeBSD Questions" ; Sent: Thursday, November 22, 2001 10:24 Subject: Re: setuid on nethack? > On Thu, Nov 22, 2001 at 10:15:37AM +0100, Anthony Atkielski wrote: > > This morning I see an e-mail from the system telling me that setuid is set on > > nethack, the adventure-style game that I installed recently. Why would this > > game require this bit? I reset it with chmod 0544, which seems like plenty to > > me. > > AFAIK, many games on Unix systems are setuid or setgid 'games', so that > any user on the system can read and write the high scores and saved games. > If you only intend to play Nethack from one particular system account, > you should have no problem without the setuid bit, but make sure to > set the appropriate owner/group/permissions on the high scores and > saved games files/dirs. > > G'luck, > Peter > > -- > If this sentence didn't exist, somebody would have invented it. > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message